threading on the internet can be riskless - fujitsu fac2017track1...presenter date threading on the...

Presenter Date

Threading on the Internet can be Riskless

Sean Lim

Senior Systems Engineer

2nd Nov 2017

Copyright © 2017 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY

Expanded Surface: Data Protection & Compliance

Regional

Office

Roaming

Users Personal Devices

Security Stack

WEB & SHADOW IT

SaaS APPS


Regional

Office

Roaming

Users

SSL Encryption

IOT Devices Personal Devices

SSL Encryption

Security Stack

SSL Encryption WEB & SHADOW IT

SaaS APPS


Regional

Office

Roaming

Users Personal Devices

Security Stack

WEB & SHADOW IT

SaaS APPS

...With the capability, reliability, performance of on-prem security systems

Protect my users from ubiquitous threats?

Secure data & comply with legal regulations?

Effectively manage new devices and mobile users?

How Do I Move to Cloud Security To…


Symantec Web Security Service

Headquarters Data Center

IOT Devices Personal Devices

Take Remote Sites Safely “Direct to Net”

Symantec Web Security Service (WSS)

Threat Protection, Information Security, & Access Governance

For Remote Sites, Mobile Users, & Data Centers

Assure a Safe & Simple Migration to Cloud

Regional Office

Extend Web & Cloud Governance to Mobile

Configure Universal Policy For True Hybrid

PROXY PROXY

Roaming Users

WEB & SHADOW IT

SaaS APPS


Cloud-delivered ProxySG Secure Web Gateway

Set granular policies to control web usage

Cloud-only or mixed model (cloud & HW)

Market-leading enterprise-class feature set Symantec Web

Security Service

Malware Scanning & Analysis

Information Protection

CASB

Unified Management

(Cloud & Premise)

Symantec Web Security Service


SSAE16 ISO 27001

Symantec Global Cloud

• Any customer / any data center

• Standard 99.999% availability SLA

• Automatic closest data center selection

• >50% capacity utilization expansion trigger

• Hosted at top tier infrastructure providers

• Redundant within and between locations

• >55 service points https://www.symantec.com/products/web-and-cloud-security/cloud-delivered-web-security-services/resources

Symantec Cloud Services Footprint

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwjN2s79-53MAhVB9mMKHWC0BucQjRwIBw&url=http://www.a-lign.com/5-benefits-annual-compliance-reports/&bvm=bv.119967911,d.cGc&psig=AFQjCNFBQHE1iU9f3iybJCVczxN3XWASAg&ust=1461267546766771

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwjN2s79-53MAhVB9mMKHWC0BucQjRwIBw&url=http://www.a-lign.com/5-benefits-annual-compliance-reports/&bvm=bv.119967911,d.cGc&psig=AFQjCNFBQHE1iU9f3iybJCVczxN3XWASAg&ust=1461267546766771


9 global threat response centers

3,800 researchers &

engineers 3.7 Trillion

lines of telemetry

430 million new unique malware

files discovered

182M new web

attacks blocked

100M social engineering

scams blocked

20,000+ cloud apps cataloged

& profiled

WWW 163M

Protected Email Users 2 Billion emails scanned per day

4.5 Billion new queries processed

daily

175M Protected Endpoints 1 Billion

previously unseen daily web requests

80M Web Proxy Users

15,000 Largest Global Enterprises

Correlated

Data

Correlated

Data

Correlated

Data CORRELATION ACROSS VECTORS

Last

Year

Global Intelligence Network


Simplified Governance & Accelerated User Experience WSS: Optimized for Office 365

TCP Window

Wider Transfer Windows Increased Bandwidth Throughput Fewer Round Trips & Reduced Latency

Fewer “Hops” Faster Path Lower Latency

Simplify Powerful Proxy Policy for O365 Automate Classification of Office 365 Application Traffic Synchronize Rapidly Changing O365 IP’s and URLs with MSFT

Simplify Governance

Accelerate User Experience Optimize Content Delivery with Content Peering

Accelerate Connections with TCP Window Scaling

Application-level QoS

Quality of Service

End Use

r

WSS 4

2

3

Content Provider

9

6

5 1 7 W

ITH

OU

T P

EER

ING

8

WIT

H P

EER

ING

End Use

r

2

Content Providers

1

WSS 4

3

10 Copyright © 2017 Symantec Corporation

The Threat of the Unknown Web

• URL filtering and risk level are VERY effective in

identifying known good and known bad domains

Source: Bluecoat

Known Bad Known Good

• But what about unknown, uncategorized or

potentially risky domains? o Many are legitimate, but some offer ideal cover for

hackers launching attacks

o 71% of all host names exist for 24 hours or less

o Millions of new sites created every day

• Security teams either: o Block access at the expense of business productivity

or

o Incur risk by enabling wider access

Unknown

U

N

C

A

T

E

G

O

R

I

Z

E

D

R

I

S

K

Y


Web Isolation Architecture

User

User gestures

Transparent

Clientless

Rendering

100% safe

visual stream

Web

Documents

Email

Threat Isolation Platform

Secure Disposable Container

Render Execute Download

• Execute and render web sessions remotely

• Isolate both web and email, including attachments


Anatomy of a Web Page Why web browsing is such a massive attack

surface How Fireglass eliminates the web attack surface


Eliminating the Internet as a Source of Risk


Web access policy: • Always allow certain

categories/sites • Always block certain

categories/sites • Key Issue – Middle

Ground o Over-block – creates

user issues o Under-block –

Increased risk of malware

Problem: Over-blocking the “Middle Ground” sites


Web access policy: • Always allow certain

categories/sites • Always block certain

categories/sites • Middle ground

categories/sites get isolated o Expanded access

with no malware risk

Stop Over-blocking Web Isolation With Proxy Using Website Categories


Stop Over-blocking Web Isolation With Proxy Using Categories (With Risk Levels: BCIS-Advanced)

Web access policy: • Allow certain categories

and low risk sites • Block certain categories

and riskiest sites • Middle ground

categories & potentially risky sites get isolated o Expanded access

with no malware risk

Thank You!